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ABSTRACT 


With  the  dramatic  growth  of  information  exchanges  within  and  between 
organizations,  major  concerns  emerge  about  the  assurance  of  information.  Without 
clear  knowledge  of  the  tme  needs  for  information  assurance,  a  company  may  employ 
local,  specialized  solutions  that  are  too  restrictive,  or  not  comprehensive.  On  the  other 
hand,  cost-effective,  variable  integrity  and  variable  security  may  be  economically 
justifiable  and  adequate  for  certain  situations  and  decisions. 

Therefore,  a  new  definition  of  information  assurance  has  been  developed  following 
the  TQM  approach.  It  describes  assurance  as  a  combination  of  information  security, 
integrity,  and  significance. 

The  requirements  of  information  assurance  are  presented  and  have  been  justified  on 
the  basis  of  concrete  results  obtained  from  the  lab  experiments  that  were  conducted. 
Hie  experiments  and  results  have  been  briefly  discussed  in  this  paper. 
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1.  Introduction: 


Companies  are  becoming  increasingly  dependent  on  their  information  systems.  They 
have  new  requirements  regarding  the  trustworthiness  and  value  of  their  information. 
Therefore,  it  is  of  significant  importance  to  develop  a  new  approach  of  assuring 
information,  not  only  based  on  security  as  defined  by  computer  scientists,  but  also  by 
considering  the  integrity,  relevance,  and  other  aspects  of  the  quality  of  information 
displayed  to  the  users. 

In  today’s  companies,  information  systems  not  only  support  business  functions  but  are 
also  an  integral  part  of  business  operations.  For  example,  ERP  systems  (Enterprise 
Resource  Planning)  are  now  essential  for  organizations  and  their  supply  chains.  Incorrect 
information  in  ERP  systems  can  have  serious  consequences  for  the  inter- networked 
companies.  [See  “Experimental  Results”] 

In  this  computing  environment,  having  a  secure  information  system  is  no  longer 
sufficient.  Companies  are  now  seeking  new  approaches  regarding  the  administration  of 
distributed  information  systems  [1—3].  At  the  same  time,  workers  need  more  and 
repeated  training  to  operate  with  increasingly  complex  information  systems;  they  look 
upon  security  practices  as  a  factor  in  slowing  them  down  in  performing  their  jobs.  Hence, 
it  is  necessary  to  automate  the  required  assurance  practices  as  much  as  possible,  and  to 
expect  the  information  system  to  apply  them,  not  the  workers  who  interact  with  the 
system  as  part  of  heir  job.  In  other  words,  information  assurance  tasks  must  be  handled 
in  the  background,  in  parallel  with  the  users  working  with  the  system’s  information.  The 
challenge  is  to  ascertain  what  the  hue  assurance  requirements  are  for  given  industries, 
and  to  develop  the  most  effective  means  to  address  these  requirements. 

It  appears  that  companies  can  no  longer  be  content  with  what  traditionally  has  been 
defined  as  information  security.  A  broader  view  of  information  assurance  is  hence 
needed,  and  a  global  improvement  in  the  trustworthiness  and  value -addition  of 
information  must  be  achieved.  The  approach  taken  by  this  research  project  involves 
surveying  the  assurance  requirements  and  developing  active  protocols  and  autonomous 
agents  to  assure  information  in  networked  enterprises,  as  an  extension  to  our  previous 
research  in  this  direction  [4,  5].  Our  purpose  in  this  paper  is  to  explain  the  approach  of 
information  assurance  that  we  have  developed  so  far  from  the  viewpoint  of  industrial 
engineering  and  information  management,  and  justify  this  approach. 


2.  Literature  Review: 

In  the  literature  dealing  with  information  management,  different  approaches  can  be 
found.  On  one  hand,  an  approach  emphasizing  information’s  accuracy,  value -addition 
and  related  features  [1],  and  on  the  other  hand,  an  approach  focusing  on  information 
security  from  internal  and  external  threats  [6-- 10].  The  topic  of  information  assurance  has 
been  previously  defined  by  mainly  computer  scientists.  According  to  the  literature,  the 
following  definitions  may  be  found. 
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2.1.  Network  Security: 


Network  security  management  is  defined  [9]  as  “supporting  security  policies  by 
monitoring  and  controlling  security  services  and  mechanisms,  distributing 
security  information,  and  reporting  security  events.”  The  functions  associated 
with  network  security  management  are:  controlling  access  to  resources,  retrieving 
and  archiving  security  information,  and  managing  and  controlling  the  encryption 
process.  It  is  also  explained  that  security  requires:  confidentiality,  integrity, 
authentication,  access  control,  non-repudiation  and  availability. 

2.2.  Security  Requirements  in  Distributed  Systems: 

Security  requirements  in  distributed  systems  [10]  include:  identification  and 

authentication,  trusted  recovery,  security  management,  trusted  path,  access 
control,  audit,  availability,  cryptography,  data  confidentiality,  and  data  integrity. 

2.3.  Automated  Information  System  Security: 

According  to  [11],  automated  information  system  security  implies  “the  totality  of 
security  safeguards  needed  to  provide  an  acceptable  level  of  protection  for  the 
system  and  for  data  handled  by  it.” 

2.4.  Assurance: 

Assurance  in  computer  security,  according  to  [11],  is  a  ’’measure  of  confidence 
that  the  security  features  and  architecture  of  an  automated  information  system 

accurately  mediate  and  enforce  the  security  policy.”  Furthermore,  if  the  security 
features  of  this  system  are  relied  upon  to  handle  sensitive  information  and  restrict 
user  access,  the  features  must  be  tested  to  ensure  that  the  security  policy  is 
enforced  during  operation.  A  slightly  different  definition  is  provided  in  [12]: 

“Assurance  is  a  measure  of  confidence  in  the  accuracy  of  a  risk  or  security 

measurement”. 


3.  TQM  Approach  of  Information  Assurance: 

3.1.  Definition: 

As  mentioned  above,  companies  require  more  than  information  security.  Wang 
[1]  pointed  out  the  need  for  companies  to  have  information  that  has  intrinsic, 
access,  contextual,  and  representational  dimensions  by  applying  Total  Quality 
Management  to  data.  In  our  opinion,  Wang’s  useful  work  can  be  combined  with 
further  consideration  of  security  aspects.  When  information  systems  become  the 
spinal  cord  of  modem  companies,  these  companies  must  have  a  reliable  system 
that  provides  secure  and  useful  information,  and  these  systems  have  to  manage 
security  and  assurance  problems  by  themselves. 
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Based  on  our  initial  work,  we  have  concluded  that  an  information  system  is 
worthwhile  for  companies  if  it  can  ensure  that  its  information  is  secure,  keeps  its 
integrity,  and  maintain  its  significant  value  for  users.  Therefore,  we  define 
information  assurance  (Figure  1)  as  the  combination  of: 

1)  Information  security 

2)  Information  integrity 

3)  Information  significance 

Information  security  means  protecting  information  from  malicious  threats  and 
damage  due  to  external  or  internal  sources. 

Information  integrity  should  be  understood  as  permanency  of  the  information 
during  communications  and  storage. 

Lastly,  information  significance  refers  to  the  value  that  the  intended  user  can  get 
out  of  the  information  when  s/he  receives  it. 

More  details  about  these  definitions  are  included  in  Table  1. 


Figure  1.  Broad  view  of  Information  Assurance 

The  definition  commonly  used  in  computer  sciences,  as  defined  above  (by  [11,12]) 
does  not  fit  the  broader  view  of  our  information  assurance  problem.  The  broader  view 
considers  assurance  from  the  viewpoint  of  “quality  assurance”.  Therefore,  the 
definition  that  we  will  use  is  as  follows: 

Information  assurance  combines  the  requirements  of  information  security, 
integrity  and  significance. 

Assuring  information  means  having  a  safe  information  system,  which  guarantees 
that  information  is  secure  and  at  the  same  time  keeps  its  integrity  and  its 
significance  during  its  lifetime. 

Hie  goal  of  information  assurance  is  to  provide  trustworthy  and  significant 
information  to  users  in  operational,  service  systems  that  rely  on  the  information 
for  the  fulfillment  of  their  objectives. 

3.2.  Requirements: 

Our  preliminary  analysis  has  generated  a  fist  of  all  the  requirements  that  a 
company  must  fulfill  if  it  wants  to  assure  its  information  (Table  1).  For  each 
category,  a  non- exhaustive  fist  of  measures  is  shown  that  can  guarantee  that  the 
category  is  fulfilled.  Currently,  the  examples  (in  italics)  are  technical  issues  that 
may  change  with  the  state  of  the  art. 
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One  must  understand  that  Table  1  points  out  comprehensive  requirements  (non 
italic)  that  must  be  fulfilled  to  assure  information  in  networked  enterprises.  It  can 
be  noticed  that  some  of  the  requirements  specified  for  information  security  have 
been  previously  described  in  [2]  regarding  the  RACF  parameters. 


Table  1  -  Requirements  to  assure  information 


Information  Assurance 

Information  Security 
requires: 

Information  Integrity 
requires: 

Information  Significance 
requires: 

Protection  against  external 
threats: 

•  Anti-virus,  hacking  watch 

•  Firewalls 

•  Encryption,  personalization 

•  System  authorizations 
(login  +  password) 

Access  profiles  management: 

Profiles  and  attributes  definition: 

•  Users  groups 

•  Class  authorizations 

•  Attribute  of  groups 

Profiles  and  attribute 
maintenance: 

•  No  user  with  non-standard 
password  intervals 

•  No  userids  that  have  never 
been  used,  or  inactive  users 

Data  logging: 

•  Global  access  table  entries 

•  Started  task  table  entries 

•  Class  descriptor  table  entries 

•  Dataset  name  table  entries 

•  Range  table  entries 

•  Inbuilt  audit  trails 

Data  management: 

•  Definition  of  sensitive  dataset 
profiles 

•  Definition  of  general 
resources  profiles 

Data  integrity: 

•  Preventing  data  decay 

•  Preventing  accidental 
loss  of  data 

•  Updating  and 
maintenance 

Communications 

integrity: 

•  Assuring  quality  of 
communications  links 

•  Recovering  from 
transmission  failures 

•  Ensuring  that  the 
data  of  receiver  and 
sender  map  correctly 

System  recovery: 

•  Restarting  the  system 
after  it  crashes 

•  Reverting  to  stable 
state  after  system 
interruption 

Intrinsic  value  of 
information: 

•  Accuracy 

•  Objectivity 

•  Believability 

Contextual  value  of 
information: 

•  Relevancy 

•  Value-added 

•  Timeliness 

•  Completeness 

•  Correct  amount  of  data 

Representational  value  of 
information: 

•  Interpretability 

•  Ease  of  understanding 

•  Concise  representation 

•  Consistent  representation 
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4.  Experimental  Results: 


Following  our  list  of  requirements,  it  was  concluded  that  there  are  three  possible 
situations  for  communications  in  an  ERP  system.  The  user  can  either  get  correct 
information,  correct  but  delayed,  or  wrong  information. 

This  theoretical  analysis  has  been  supported  by  some  experiments. 

As  a  step  in  refining  the  assurance  requirements  survey  and  showing  the  variable 
needs  in  information  assurance,  experiments  have  been  conducted  with  an  ERP 
software  simulator- trainer  called  MICSS  (Management  Interactive  Case  Study 
Simulator)  [16].  MICSS  was  developed  to  simulate  the  functioning  of  a  company 
with  a  team- oriented  view. 

A  set  of  experiments,  using  this  software,  was  conducted  to  simulate  failures  in 
information  exchange  and  the  potential  consequences  of  subsequent  failures  on  the 
company. 

4.1.  Problem: 

It  has  been  discovered  that  we  can  encounter  3  scenarios  regarding  information  in 
an  ERP  system.  A  data  item  can  indeed  be  correct,  correct  but  delayed,  or  wrong. 
Hence,  we  decided  to  study  the  influence  of  the  following  parameters  on  these 
scenarios:  dataset  (type  of  data  affected  by  information  failure),  length  of  delay 
and  error  size  (difference  between  the  correct  data  and  the  wrong  value). 

First  a  class  experiment  involving  the  undergraduate  students  of  course  IE332  was 
conducted.  This  provided  us  with  a  large  amount  of  data  that  was  analyzed  [17]. 
The  measures  were  not  fully  reliable  to  carry  out  a  deep  statistical  analysis. 
Nevertheless,  it  showed  interesting  trends  that  encouraged  us  in  organizing  our 
own  experiment,  where  we  could  master  all  the  parameters.  The  results  of  our 
team  lab  experiment  are  presented  in  the  following  paragraphs. 


4.2.  Methodology: 

MICSS 

MICSS  (Management  Interactive  Case  Study  Simulator)  [16]  is  an  ERP  simulator 
that  has  been  developed  to  simulate  the  functioning  of  a  company  with  a  team- 
oriented  view. 

MICSS  has  four  views  of  a  company,  namely  Marketing,  Production,  Purchasing 
and  Finance.  Each  of  these  views  has  certain  policies,  which  combine  in  an 
optimal  way  in  order  to  be  profitable  for  the  company.  However  often  the  four 
departments  of  the  company  are  unable  to  communicate  properly  and  this  creates 
discrepancies  in  the  policies  developed  and  hence,  in  information  assurance. 

MICCS  enables  us  to  simulate  the  functioning  of  a  company  through  one  year. 
We  divided  this  period  of  one  year  into  6  periods  of  2  months. 
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Design  of  Experiment 

We  have  decided  to  study  4  factors  in  this  experiment. 

Factor  1 : 

Datasef,  with  4  levels:  Prices,  QLT  (Quoted  Lead  Time),  Batch  Size,  and  Order 
Levels. 

Factor  2: 

Failure  type',  with  2  levels:  “wrong  information”,  and  “delayed  information” 

Factor  3  (nested  in  “wrong  information”): 

Error  size',  with  2  levels  “value  doubled”,  and  “value  halved”. 

Factor  4  (nested  in  “delayed  information”): 

Length  of  delay,  with  2  levels  “4  months”,  and  “8  months”. 

So,  we  finally  had  17  scenarios  to  simulate: 

Li  si  of  all  the  scenarios: 


Correct  information: 

(1)  Baseline  policy 

Wrong  information: 

(2)  QLT  doubled 

(3)  Prices  doubled 

(4)  Batch  Size  doubled 

(5)  Order  Level  doubled 

(6)  QLT  divided  by  2 

(7)  Prices  divided  by  2 

(8)  Batch  Size  divided  by  2 

(9)  Order  Level  divided  by  2 

-  Delayed  information: 


(10) 

QLT  delayed  4  months 

(11) 

Prices  delayed  4  months 

(12) 

Batch  Size  delayed  4  months 

(13) 

Order  Level  delayed  4  months 

(14) 

QLT  delayed  8  months 

(15) 

Prices  delayed  8  months 

(16) 

Batch  Size  delayed  8  months 

(17) 

Metrics 

Order  Level  delayed  8  months 

The  Profit  and  the  Due  Date  Performance  (DDP)  were  recorded  at  the  end  of  each 
period  of  2  months.  Profit  represents  how  the  whole  company  is  performing,  and 
the  DDP  gives  an  idea  of  how  well  the  company  is  organized. 

For  each  scenario  10  runs  per  year  were  conducted  in  order  to  have  a  statistical 
overview  of  the  results. 
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Wrong  information  scenarios 

A  data  of  the  baseline  policy  is  modified  (double  or  half)  and  MICSS  is  mn  for  2 
months.  Then  the  data  is  corrected  and  MICSS  is  run  for  intervals  of  2  months  to 
reach  the  end  of  the  year. 

Delayed  information  scenarios 

A  data  of  the  baseline  policy  is  modified  (data- 25%,  because  it  is  a  realistic  value 
that  can  be  encountered  in  the  functioning  of  the  company).  Then  MICSS  is  mn 
for  4  or  8  months,  for  intervals  of  2  months,  depending  on  the  length  of  the  delay 
we  were  simulating.  Then  the  data  is  corrected  and  MICSS  is  mn  for  intervals  of 
2  months  to  reach  the  end  of  the  year. 

Statistical  Analysis 

Hie  hypothesis  of  the  experiment  was  that  the  profits  and  DDP  of  the  company  in 
the  case  of  delayed  and  wrong  information  would  be  different  from  the  case  of 
correct  information. 

Ho  =  Performance  (Profit  or  DDP)  in  the  case  of  information  failure 

(delayed  or  wrong  information)  is  similar  to  the  performance  of  the  correct 
information. 

Hj  =  they  are  significantly  different. 

a  =  0.05  (a  95%  confidence  interval  to  prove  the  hypothesis.) 

if  p  val  <  0.05, we  can  conclude  with  95%  confidence  that  we  reject  the 

null  hypothesis  Ho 

To  verify  the  above  hypothesis,  the  data  was  analyzed  using  single  factor 
ANOVA,  an  analysis  tool  in  EXCEL. 

4.3.  Results: 

The  observations  haven’t  been  analyzed  like  a  nested  design.  We  didn’t  need  all  the 
information  given  by  a  nested  design  analysis.  For  simplicity  and  time  saving,  we 
have  used  single  ANOVAs  to  compare  each  time  two  different  scenarios. 

For  each  dataset,  the  following  comparisons  are  presented  in  [18]: 

Dataset  delayed  4  months  /  Baseline  policy  (for  profit  and  DDP). 

Dataset  delayed  8  months  /  Baseline  policy  (for  profit  and  DDP). 

Dataset  wrong  half  /  Baseline  policy  (for  profit  and  DDP). 

Dataset  wrong  double  /  Baseline  policy  (for  profit  and  DDP). 

The  datasets  are  presented  in  this  order:  Prices,  QLT,  Batch  Size,  Order  Level. 

Then,  the  influence  of  the  length  of  the  time  delay  and  of  the  difference  between  the 
wrong  and  correct  data  are  presented. 

Summary  of  the  graphs  that  can  be  found  in  [1 81 : 

Prices 

Fig.Al  -  Dataset  delayed  4  months  /  Baseline  policy  (for  profit  and  DDP). 

Fig.A2  -  Dataset  delayed  8  months  /  Baseline  policy  (for  profit  and  DDP). 
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Fig.A3  -  Dataset  wrong  half  /  Baseline  policy  (for  profit  and  DDP). 

Fig.A4  -  Dataset  wrong  double  /  Baseline  policy  (for  profit  and  DDP). 

QLT 

Fig.A5  -  Dataset  delayed  4  months  /  Baseline  policy  (for  profit  and  DDP). 

Fig.A6  -  Dataset  delayed  8  months  /  Baseline  policy  (for  profit  and  DDP). 

Fig.A7  -  Dataset  wrong  half  /  Baseline  policy  (for  profit  and  DDP). 

Fig.A8  -  Dataset  wrong  double  /  Baseline  policy  (for  profit  and  DDP). 

Batch  Size 

Fig.A9  -  Dataset  delayed  4  months  /  Baseline  policy  (for  profit  and  DDP). 

Fig.AlO  -  Dataset  delayed  8  months  /  Baseline  policy  (for  profit  and  DDP). 

Fig.Al  1  -  Dataset  wrong  half  /  Baseline  policy  (for  profit  and  DDP). 

Fig.A12  -  Dataset  wrong  double  /  Baseline  policy  (for  profit  and  DDP). 

Order  Level 

Fig.A13  -  Dataset  delayed  4  months  /  Baseline  policy  (for  profit  and  DDP). 

Fig.A14  -  Dataset  delayed  8  months  /  Baseline  policy  (for  profit  and  DDP). 

Fig.A15  -  Dataset  wrong  half  /  Baseline  policy  (for  profit  and  DDP). 

Fig.A16  -  Dataset  wrong  double  /  Baseline  policy  (for  profit  and  DDP). 

Dataset  delayed  4  months  /Dataset  delayed  8  months 
Fig.A17  -  Prices 
Fig.Al 8  -  QLT 
Fig.A19  -  Batch  Size 
Fig.A20  -  Order  Level 

Dataset  wrong  half  /  Dataset  wrong  double 
Fig.A21  -  Prices 
Fig.A22  -  QLT 
Fig.A23  -  Batch  Size 
Fig.A24  -  Order  Level 

Notations: 

“D”  means:  The  two  scenarios  give  significantly  different  results. 

“D  means  that  the  performance  with  information  failure,  for  profit 
or  DDP,  is  worse  than  with  the  baseline  policy. 

“D  +“  means  that  the  performance  with  information  failure,  for  profit 
or  DDP,  is  better  than  with  the  baseline  policy. 

“S”  means:  The  two  scenarios  give  significantly  similar  results. 

Example: 

Two  examples  of  the  results  obtained  from  our  team  lab  experiment  are  presented 
(Fig.  2  and  3).  The  entire  analysis  can  be  found  in  [18]. 
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Fig.  2  -  Prices;  Dataset  delayed  4  months  /  Baseline  policy  (for  profit  and  DDP). 


Baseline  policy  (10  runs) 


Metric:  Profit 


Period  1 

Period  2 

Period  3 

Period  4 

Period  5 

Period  6 

D- 

D- 

D- 

D- 

D- 

D- 

co 


w  E  c 

<D  C  C 

Jr  tj  o 

ro 

a> 

Q 


Metric:  DDP 
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Observations: 

For  profit:  during  the  4  months  of  delay,  the  performance  was  worse.  Then  when 
the  information  was  corrected  (return  to  the  baseline  policy)  the  company 
followed  the  same  trend  as  of  the  correct  scenario,  but  the  gap  due  to  the  delay 
could  not  be  filled. 

For  DDP:  There  were  slight  consequences  that  could  be  easily  removed  when  the 
information  was  corrected. 
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Fig.  3  -  QLT;  Dataset  wrong  double  /  Baseline  policy  (for  profit  and  DDP). 


Baseline  policy  (10  runs) 
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Observations: 

For  profit:  After  returning  to  the  baseline  policy,  the  company  did  not  follow  the 
same  trend  as  of  the  correct  information.  The  slope  is  smaller.  There  were  long- 
lasting  consequences. 

For  DDP:  There  were  major  consequences  that  lasted  even  after  returning  to  the 
baseline  policy.  But  finally  the  gap  was  filled. 
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4.4.  Summary: 


Table  2  summarizes  for  each  dataset: 

o  Which  information  failure  scenario  had  the  largest  impact  on  the 
functioning  of  the  company  (“1”  means  greatest  impact), 
o  Which  metric  was  the  most  affected  by  a  failure  in  each  dataset, 
o  Whether  or  not  the  length  of  delay  had  an  influence  on  the  results, 
o  Whether  or  not  the  error  size  had  an  influence  on  the  results. 

A  complete  analysis  and  graphical  representation  of  these  results  can  be  found  in 
[18]. 


Table  2  -  Summary  of  the  team  experiment  results. 


Dataset 

Prices 

QLT 

Batch  Size 

Order  Level 

■ 

1.  Wrong  double 

2.  Wrong  half 

3.  Delayed  8 
months 

4.  Delayed  4 
months 

1.  Wrong  double 

2.  Wrong  half 

3.  Delayed  8 
months 

4.  Delayed  4 
months 

1.  Wrong  half 

Then  similar  for: 
Wrong  double 
Delayed  8  months 
Delayed  4  months 

Similar  for  all  the 
scenarios 

Metrics 

sensitivity 

1.  Profit 

2.  DDP 

Similar  for  profit 
and  DDP 

1.  DDP 

2.  Profit 

Similar  for  profit 
and  DDP 

Length  of 
delay 

Important 

Not  important 

Not  important 

Not  important 

Error  size 

Important 

Important 

Important 

Not  important 

4.5.  Impact  graphs: 

Impact  graphs  summarize  the  impact  of  each  information  failure  type  by  dataset  (Fig. 
4.a  and  4.b).  The  relative  differences: 

a.  (Profit  with  information  failure  -  Profit  with  baseline  policy)  /  (Profit  with 
baseline  policy) 

b.  and:  (DDP  with  information  failure  -  DDP  with  baseline  policy)  /  (DDP 
with  baseline  policy) 

are  represented  respectively  in  Fig.  4.a  and  4.b. 

These  differences  are  shown  using  levels:  [>  70%;  35  to  70%;  5  to  35%;  +/-  5%;  -5  to  - 
35%;  -35  to  -70%;  <  -70%] 

The  following  notations  are  used  in  Fig.  4.a  and  4.b: 

D4:  scenario  with  information  delayed  4  months 
D8:  scenario  with  information  delayed  8  months 
Wh:  scenario  with  information  wrong  half 
Wd:  scenario  with  information  wrong  double 
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PROFIT 


DDP 


Prices  QLT  Batch  size  Order  level  Prices  QLT  Batch  size  Order  level 

Fig.  4.a.  -  Failure  Impact  on  Profit  Fig.  4.b.  -  Failure  Impact  on  DDP 


4.6.  Conclusions: 

1/  Some  datasets  are  more  sensitive  than  other.  For  example  the 
consequences  of  a  problem  concerning  Prices  are  much  more  serious  and 
long  lasting  than  when  it  concerns  QLT.  We  can  rank  the  datasets  that 
have  been  tested  by  decreasing  sensitivity:  Prices,  QLT,  Batch  Size,  Order 
Level. 

2/  Datasets  have  different  characteristics  that  make  them  more  sensitive  to  a 
specific  type  of  information  failure.  For  example,  a  delay  of  8  months  has 
a  large  impact  on  Profit  when  it  concerns  Prices,  but  no  real  impact  when 
it  concerns  QLT. 

3/  Profit  is  very  sensitive  to  information  failures.  DDP  react  more  slowly  and 
need  long  lasting  and  large  errors  to  be  modified. 

4/  Hie  importance  of  information  failure  has  been  proved. 

5/  Hie  importance  of  the  length  of  delay,  and  of  the  error  size  has  been 
proved. 

6/  We  have  seen  that  different  scenarios  can  have  very  different 
consequences.  A  targeted  security  solution  can  then  be  designed  to  prevent 
the  most  serious  cases  first. 
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